University of Minnesota Duluth
People | Departments | Search UMD
I. T. S. S. provides the campus community with a high-quality technology systems and services.

Skip to: content

What's Inside

Software

ITSS Services

OS Updates & Patches

Tips and resources

ITSS Home : Virus and Security Info

Virus & Security Information

Fake Anti-virus software
03.04.09: We have seen a marked increase in the number of fake anti-virus installations on computers on the University network. These programs are disguised as legitimate antivirus tools, often offering false scans or creating pop-up windows which warn users that their systems are 'infected'. Once the user installs it, the fake AV programs prompt the user to purchase additional "security" products, and some also are used to collect credit card info and other private data.
There are many versions of fake AV software roaming the Internet, including Windows AntiVirus, Windows AntiVirus 2008, AntiVirus Lab 2009, Antispyware Pro, AntiVirus XP 2008, and AVG 360.
If you have installed any of these malicious programs on your computer, you should take steps to remove them now. For University-owned computers, we recommend bringing the computer to the ITSS TechCenter to have a full virus/malware scan.
If you wish to try to remove it on your own:
Security Tools for Your Desktop
04.03.08: As part of our Desktop Computer Security Check, ITSS recommends a number of secure tools and utilities for use on your computer. But what do all of these tools do? Following is a brief description of each tool, and a link to further information.

CCleaner
What is does: CCleaner is a system optimization and privacy tool. It removes unused files from your system, which allows Windows to run faster and frees up valuable hard disk space. It also cleans traces of your online activities (such as deleting temporary files, URL history, cookies, and download history), and deletes files in the Windows Recycle Bin, Recent Documents, Temporary files and Log files.
Eraser
What it does: Eraser is a secure data removal tool for Windows. It completely removes sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
Putty
What it does: PuTTY is an SSH and telnet client, which can be used to create a secure connection to a remote Unix-based server (such as ub).
umChat/Jabber
UMChat/Jabber is a secure Instant Messaging service (IM) at the University of Minnesota that enables U of MN students, staff and faculty to exchange messages on the Internet in real time. One of the key features of UMChat is that it's tied in with the university X.500 account system. This allows IM users to associate each chat participant with their "University" identity: users can't masquerade as someone else and you always know who you're talking to.
VPN
VPN (Virtual Private Network) lets you make a secure connection to a University computer from an off-campus, non-UMD connection (for example, cable or DSL modem). When you use UMD's VPN service, it makes your computer appear as though it is directly attached to UMDNet, and provides the same security and access to restricted resources that you have while on campus.
WinSCP
WinSCP is an open source, secure FTP (SFTP) client for transerring files to and from remote servers, such as the UMD web server.
Symantec 10 Server Available on Campus
03.03.08: ITSS recently rolled out a new Symantec AntiVirus 10 server - AV3 - which will allow University computers running Symantec AV 10 to run as "managed" and connect to a local server for their updates.
Symantec AV 10 can be run in either "Managed" or "Unmanaged" mode. In Unmanaged mode, computers connect to symantec.com for their updates; in Managed mode, computers connect to the local server (AV3) for updates. Running a local server allows ITSS staff to make updates available to campus computers quickly in the event of a wide-spread virus attack. It also cuts down on the amount of Internet traffic as computers get their updates.
All computers should be updated to the latest version of Symantec, as version 10 provides significantly more protection than prior versions. Details on downloading and upgrading to the latest version can be found at: http://www.d.umn.edu/itss/security/nav/
For assistance in upgrading your computer to a newer version or changing from Unmanaged to Managed mode, contact the ITSS Help Desk (x8847).
Fake e-cards/postcards
07.05.07: We're seeing a significant increase in incoming "Storm Worm" fake e-card emails. These emails contain a link to a malicious website that, when visited, automatically installs malware on the user's system.
Detecting the fakes: The fakes are difficult to identify as the subject lines continue to change ("4th Of July Celebration," "Celebrate Your Nation," "July 4th Fireworks Show," etc. ). Additionally, they spoof many legitimate sites such as hallmark.com, VintagePostcards.Com, funnypostcards.com, americangreetings.com, mypostcards.com, and others.
However, one common thread is that the postcard/e-card is from an unnamed source, i.e, an admirer, class-mate, colleague, family member, friend, mate, neighbor, partner, school friend, school mate, etc. For example:
"Hi. Class mate has sent you a postcard.
See your card as often as you wish during the next 15 days."
What to do: If you receive one of these fake e-cards, delete it. If you think you may have already visited a malicious site, your computer should be reviewed and/or cleaned. Contact the ITSS Help Desk (x8847) for more information.
Options for Storing Private Data
05.07: University policy states that if you store private data on your laptop or desktop, you must take steps to encrypt the data to help prevent unauthorized disclosure of private data. Data encryption software is available in many forms but requires quite a bit of technical expertise to run. An alternative is to store private data on a central system server, and there are a number of options available. For more information, see: Desktop Security: Options for Storing Private Data.
Email and Private Data
04.07: Partnering with the Office of Information Technology, the University Privacy & Security Office produced the Public Jobs: Private Data Security Training. The program covers security measures required for handling private data protected under federal and state laws as well as University policies. Employees learn to identify security issues, how to protect data and hardware, and the protocol for responding to a security problem. For more information, see: Desktop Security: Email and Private Data.
Secure Data Deletion
03.07: All faculty, staff, and student employees are required to guard the privacy of any private data the University of Minnesota stores and maintains electronically. This includes disposing of any storage devices securely. The University of Minnesota Standard on Secure Data Deletion is an official policy. For more information, see: Secure Data Deletion.
What is private data?
11.06: University faculty and staff are required to manage private data. To do that, one must know the meaning of the term private data and what it means to protect it. For more information, see: Desktop Security: Managing Private Data.
Managing Private Data
10.06: All students, faculty and staff recently received an email correspondence from OIT Security regarding safe-guarding private data. According to OIT's web site: "The University of Minnesota values the privacy of every member of its community, but protecting private data is more challenging than it's ever been. We read or hear, almost daily, about incidents in which private data has been compromised through theft, negligence or ignorance. As a result, we all need to take responsibilities for understanding what legally protected private data is and how we can protect it." For more information, see: Managing Private Data
P2P File Sharing
09.06: Peer-to-peer (P2P) software is generally considered unacceptable to use on the University network, except in rare situations. P2P and anonymous file sharing programs on your computer can inadvertently allow access to your entire computer. P2P file sharing networks have also recently been used to spread viruses and worms. For more information, see: Desktop Security: P2P File Sharing.

Rev: 05.07 sb

Didn't find what you were looking for?